ESTIMATING AND VISUALIZING SECURITY RISK IN INFORMATION TECHNOLOGY SYSTEMS
First Claim
1. A computer-readable medium containing instructions which, when executed by one or more processors disposed in an electronic device, perform a method for estimating risk for an IT asset in an enterprise network, the method comprising the steps of:
- receiving an assessment about a security state of the IT asset, the assessment being configured for communicating data indicating a type of problem with the IT asset, a severity of the problem, and a level of confidence that the problem with the IT asset exists; and
applying a value of the IT asset and the data from the assessment to estimate a discrete risk category that is applicable to the IT asset.
2 Assignments
0 Petitions
Accused Products
Abstract
Security risk for a single IT asset and/or a set of IT assets in a network such as an enterprise or corporate network may be estimated and represented in a visual form by categorizing risk into different discrete levels. The IT assets may include both computing devices and users. The risk categorization uses a security assessment of an IT asset that is generated to indicate the type of security problem encountered, the severity of the problem, and the fidelity of the assessment. The asset value of an IT asset to the enterprise is also assigned. Security risk is then categorized (and a numeric risk value provided) for each IT asset for different problem types by considering the IT asset value along with the severity and fidelity of the security assessment. The security risk for the enterprise is estimated using the numeric risk value and then displayed in visual form.
-
Citations
20 Claims
-
1. A computer-readable medium containing instructions which, when executed by one or more processors disposed in an electronic device, perform a method for estimating risk for an IT asset in an enterprise network, the method comprising the steps of:
-
receiving an assessment about a security state of the IT asset, the assessment being configured for communicating data indicating a type of problem with the IT asset, a severity of the problem, and a level of confidence that the problem with the IT asset exists; and applying a value of the IT asset and the data from the assessment to estimate a discrete risk category that is applicable to the IT asset. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable medium containing instructions which, when executed by one or more processors disposed in an electronic device, perform a method for using an assessment that describes a state of security for an IT asset, the method comprising the steps of:
-
monitoring the state of security for the IT asset; generating the assessment when a security problem is detected that affects the IT asset, the assessment being configured for communicating data indicating a type of problem with the IT asset, a severity of the problem, and a probability of known loss with the IT asset; and sending the assessment to an application, process, or service for processing, the processing being configured for providing an estimate of security risk that is associated with the monitored IT asset. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method for providing a visualization of security risk for a set of IT assets in an enterprise, the method comprising the steps of:
-
estimating a discrete security risk for the set of IT assets, the estimating comprising assigning a risk category based on a combination of IT asset values, severity of security problems affecting the IT assets, and fidelity of assessments describing a security state for each of the IT assets in the set; calculating a continuously-expressed security risk from numeric risk values, the numeric risk values being based on a combination of IT asset values, severity of security problems affecting the IT assets, and fidelity of assessments describing a security state for each of the IT assets in the set; and dynamically displaying the discrete security risk and the continuously-expressed security risk through a GUI. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification